Brazil
Government / Health
Second Breach
Brazilian Health Council Conasems Allegedly Breached Again, 766,000 Users' Sensitive Data Leaked
A threat actor using the alias 888 claims to have leaked a database from Conasems, the National Council of Municipal Health Secretariats of Brazil (Conselho Nacional de Secretarias Municipais de Saúde). The actor describes it as a second, newer breach affecting 766,000 unique users, following an earlier incident they attribute to themselves in November 2025. According to the post, the data spans a wide range of fields, including full names, CPF national ID numbers, account passwords, emails, phone numbers, dates of birth, and locations, as well as highly sensitive categories such as sexual orientation, gender identity, disability status, and racial or ethnic information. The claim is unverified.
Brazil▣Post details
Brazil!Allegedly included
- 766,000 unique users
- Full names & CPF national IDs
- Account passwords
- Emails & phone numbers
- Dates of birth
- Sexual orientation & gender identity
- Disability status
- Race & ethnicity data
◱Screenshots
⚠Potential impact
Pairing CPF national ID numbers, account passwords, and contact details with special-category information (sexual orientation, gender identity, disability, and race) makes this an unusually sensitive exposure. Beyond the usual risks of identity theft, account compromise, and fraud, the disclosure of intimate attributes creates real potential for discrimination, outing, and targeted harassment of those affected. CPF numbers are core Brazilian identifiers and cannot be reset, and any exposed passwords would put linked accounts at immediate risk. As a repeat incident, it also points to security weaknesses that may not have been resolved. The claim is unverified.
iStatus
UnverifiedThis is a data-leak post presented as a second breach of the organization, with the download gated behind forum points and several aliases credited alongside the poster (including IntelBroker, EnergyWeaponUser, and wonder). The claim is unverified and Conasems has not publicly addressed it.
DARK WEB INFORMER - THREAT INTELLIGENCE